Realpalyer 最新漏洞下载

       近期出现利用realplayer 缓冲区溢出漏洞的脚本病毒，当用户浏览带有该脚本病毒网页时，电脑会被中入其他病毒、木马。请立即下载补丁程升级你的realplayer。

       受影响的realplayer版本：RealPlayer 10.5 and RealPlayer 11 beta。

       补丁下载地址：http://service.real.com/realplayer/security/191007_player/securitydb.rnx

RealNetworks, Inc. Releases Update to Address Security Vulnerabilities

Updated October 25, 2007

RealNetworks has issued a fix for a vulnerability identified as a malicious web page which affects the import method of an Active X control to cause a stack overflow in the Realplayer. CVE-2007-5601. This posting is applicable to versions of the product downloaded before October 25th, 2007.

RealPlayer 10.5 and RealPlayer 11 beta users should install the patch per the instructions below to address this security vulnerability that aims to cause buffer overflow that could provide the potential for an attacker to run arbitrary or malicious code on a user’s PC.

RealOne Player, RealOne Player v2 and RealPlayer 10 users should upgrade immediately to RealPlayer 10.5 or RealPlayer 11 beta following the instructions below.

For Windows XP, Windows 2000, Windows 98, Windows ME:

Please click here to install the patch for RealPlayer 10.5 and RealPlayer 11 beta.

Please click here to upgrade your player for RealOne Player and RealPlayer 10.

For Windows Vista:

Please click here to go to download a new player from the web.

Macintosh and Linux versions of RealPlayer are not at risk for this vulnerability. In addition, RealPlayer 8 and earlier versions of RealNetworks software for Windows are not affected. We are committed to providing our customers with timely and comprehensive information about our software. As such, we encourage users to check this site periodically for the latest updates.

Instructions

Windows Players:

If you are on Windows Vista, please click here to go to download a new player from the web.

RealPlayer 10.5 and RealPlayer 11 beta customers can get a patch to correct this issue. Please click here or to update your Player.

RealOne Player (English only), RealOne Player V2 and RealPlayer 10 customers require a full download to correct this issue. Please click here or use the following steps to upgrade your Player:

• In the Tools menu select Check for Update.
• Select the box next to the "RealPlayer 10.5 with Harmony™ Technology" component.
• Click Install to download and install the update.

Details for Potential Vulnerabilities:

The identified vulnerability is a malicious web page which affects the import method of an Active X control to cause a stack overflow in the Realplayer. CVE-2007-5601